package com.heisenhub.uua.controller;

import com.heisenhub.common.oauth.annotation.ApiResourceOpen;
import com.heisenhub.uua.service.ValidateCodeService;
import com.heisnenhub.common.module.constant.HttpConstant;
import com.heisnenhub.common.module.utils.Api;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.token.ConsumerTokenServices;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.security.Principal;

/**
 * @author sen
 * @description
 * @date 2024/3/19 14:55
 */
@Slf4j
@RestController
public class SecurityController {

    @Autowired
    private ConsumerTokenServices consumerTokenServices;

    @Autowired
    private TokenStore tokenStore;

    @Autowired
    ValidateCodeService validateCodeService;

    @GetMapping("oauth/test")
    public String testOauth() {
        return "oauth";
    }

    @GetMapping("user")
    public Principal currentUser(Principal principal) {
        return principal;
    }


    /**
     *  获取验证码
     * @param request
     * @param response
     */
    @ApiResourceOpen
    @GetMapping("captcha")
    public void captcha(HttpServletRequest request, HttpServletResponse response)  {
        validateCodeService.create(request, response);
    }


    /**
     * 校验 token
     * @param token
     * @return
     */
    @GetMapping("verifyToken")
    @ApiResourceOpen
    public Api verifyToken(String token)  {
        log.info("【校验 token】 {}", token);
        OAuth2AccessToken oAuth2AccessToken = tokenStore.readAccessToken(token);
        if (oAuth2AccessToken == null)  return  Api.fail("token错误 或已失效");
         if(oAuth2AccessToken.isExpired()){
             if (oAuth2AccessToken.getRefreshToken() != null) {
                 this.tokenStore.removeRefreshToken(oAuth2AccessToken.getRefreshToken());
             }
             tokenStore.removeAccessToken(oAuth2AccessToken);
             return  Api.fail("token已失效");
         }
        return   Api.ok();
    }



    /**
     * 退出登入
     * @param request
     * @return
     */
    @DeleteMapping("signout")
    public Api signout(HttpServletRequest request)  {
        log.info("【准备登出】");
        String authorization = request.getHeader(HttpConstant.HttpHeader.AUTHORIZATION);
        String token = StringUtils.replace(authorization, HttpConstant.HttpHeader.TOKEN_PREFIX, "");
        return   Api.of(consumerTokenServices.revokeToken(token)) // 退出登入
                .failMsg(HttpConstant.HttpMsg.MSG_SINGIN_OUT_FAIL)
                .OkMsg(HttpConstant.HttpMsg.MSG_SINGIN_OUT_SUCCESS)
                .build();
    }
}
